 <?php 

$username = $_POST['username'];

$password = $_POST['password'];



include("opendb.php");

include("functions.php");

//$res = isValidUser($username,$password);

//if($res!=1) {

//echo "0";

//exit;

//}



$ListingID = $_GET['listing_id'];
//$ListingID = '587720';




$query = "select * from Users where Username='".$username."'";

$result = mysql_query($query) or die ("SQL Error".mysql_error());

$row=mysql_fetch_assoc($result);

$userid = $row['ID'];

$xmlout = "<slideshow>";
$xmlout .= "\n\t";
$xmlout .= '<controls value="true"/>';
$xmlout .= "\n\t";
$xmlout .= '<cyclePeriod value="3"/>';
$xmlout .= "\n\t";
$xmlout .= '<transitionPeriod value="1.5"/>';
$xmlout .= "\n\t";
$xmlout .= "<images>";
$xmlout .= "\n\t";

$lquery = "select * from Listing_Images where Listing_ID = '".$ListingID."' and Type='IMAGE'";
$lresult = mysql_query($lquery) or die ("SQL Error".mysql_error());
$num_images = mysql_num_rows($lresult);

if($num_images == 0)
{
}
else
{
	$i=1;
	while($lrow=mysql_fetch_assoc($lresult))			
	{

		$xmlout.= '<image file="'.$lrow['Path'].'" description="Image '.$i.' of '.$num_images.'"/>';
		if($i < ($num_images)){
		$xmlout .= "\n\t";
		}
		else{
		$xmlout .= "\n";
		}
		

		$i++;
	}
}


		
$xmlout .= "</images>\n";
$xmlout .= "</slideshow>\n\t";

		echo $xmlout;

?>